Created
November 12, 2014 07:45
-
-
Save dan-turner/f9930ddf9cf08861f0b9 to your computer and use it in GitHub Desktop.
LegacyAuthenticationMiddleware
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Linq; | |
using System.Security.Claims; | |
using System.Threading.Tasks; | |
using Microsoft.Owin; | |
using Microsoft.Owin.Security; | |
using Microsoft.Owin.Security.Infrastructure; | |
using Owin; | |
namespace Identity.Web | |
{ | |
public static class LegacyAuthenticationExtensions | |
{ | |
public static IAppBuilder UseLegacyAuthentication(this IAppBuilder app, LegacyAuthenticationOptions options) | |
{ | |
return app.Use(typeof(LegacyAuthenticationMiddleware), app, options); | |
} | |
} | |
public class LegacyAuthenticationOptions : AuthenticationOptions | |
{ | |
public LegacyAuthenticationOptions(string cookieName) | |
: base("Legacy") | |
{ | |
Description.Caption = "Legacy Authentication"; | |
AuthenticationMode = AuthenticationMode.Passive; | |
CookieName = cookieName; | |
CookiePath = "/"; | |
} | |
public string CookieName { get; set; } | |
public string CookiePath { get; set; } | |
public string SignInAsAuthenticationType { get; set; } | |
} | |
public class LegacyAuthenticationMiddleware : AuthenticationMiddleware<LegacyAuthenticationOptions> | |
{ | |
public LegacyAuthenticationMiddleware(OwinMiddleware next, IAppBuilder app, LegacyAuthenticationOptions options) | |
: base(next, options) | |
{ | |
if (string.IsNullOrEmpty(Options.SignInAsAuthenticationType)) | |
{ | |
options.SignInAsAuthenticationType = app.GetDefaultSignInAsAuthenticationType(); | |
} | |
} | |
// Called for each request, to create a handler for each request. | |
protected override AuthenticationHandler<LegacyAuthenticationOptions> CreateHandler() | |
{ | |
return new LegacyAuthenticationHandler(); | |
} | |
} | |
class LegacyAuthenticationHandler : AuthenticationHandler<LegacyAuthenticationOptions> | |
{ | |
protected override Task<AuthenticationTicket> AuthenticateCoreAsync() | |
{ | |
AuthenticationTicket ticket = null; | |
if (Request.User != null && Request.User.Identity.IsAuthenticated) | |
{ | |
Response.Cookies.Delete(Options.CookieName, new CookieOptions() | |
{ | |
Path = "/", | |
Secure = Request.IsSecure, | |
HttpOnly = true | |
}); | |
} | |
else | |
{ | |
var value = | |
Request.Cookies.Where(x => x.Key.Equals(Options.CookieName)).Select(x => x.Value).FirstOrDefault(); | |
if (!string.IsNullOrWhiteSpace(value)) | |
{ | |
var values = value.Split('|'); | |
var identity = new ClaimsIdentity(Options.AuthenticationType); | |
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, values[0])); | |
identity.AddClaim(new Claim(ClaimTypes.Name, values[1])); | |
ticket = new AuthenticationTicket(identity, new AuthenticationProperties() | |
{ | |
ExpiresUtc = DateTime.UtcNow.AddHours(1), | |
IssuedUtc = DateTime.UtcNow.AddMinutes(-1), | |
IsPersistent = true | |
}); | |
} | |
} | |
return Task.FromResult(ticket); | |
} | |
public override async Task<bool> InvokeAsync() | |
{ | |
var ticket = await AuthenticateAsync(); | |
if (ticket != null) | |
{ | |
Context.Authentication.SignIn(ticket.Properties, ticket.Identity); | |
} | |
// Let the rest of the pipeline run. | |
return false; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment